FireEye – Page 7 – WindowsTechs.com

Senate hearing on SolarWinds hack lays bare US shortcomings, remaining mysteries

Posted on February 23, 2021 by Tim Starks

A host of federal government policy failures contributed to the rippling damage of the SolarWinds hack, leaders of cyber firms told a Senate panel on Tuesday, with even lawmakers saying Congress must do more to prevent a repeat. More than two months after the hack became public, the wide-ranging Senate Select Committee on Intelligence hearing committee demonstrated that the U.S. government, the private sector and digital incident responders still are wrestling with the ramifications of an suspected Russian espionage campaign that leveraged the federal contractor SolarWinds. A number of big questions remain: SolarWinds still hasn’t determined how the hackers originally got into its systems, nobody has fully settled debates on whether the incident amount to espionage, or something worse, and suspicions abound that more victims remain unrevealed. “It has become clear that there is much more to learn about this incident, its causes, its scope and scale, and where we […]

The post Senate hearing on SolarWinds hack lays bare US shortcomings, remaining mysteries appeared first on CyberScoop.

Continue reading Senate hearing on SolarWinds hack lays bare US shortcomings, remaining mysteries→

FireEye IDs hacking group suspected in Accellion, Kroger breach

Posted on February 22, 2021 by Jeff Stone

Security investigators have identified the hacking group suspected to be behind a data breach of an IT firm that has affected a number of corporations, law firms and other organizations in recent months. Accellion, a software firm that provides file transfer services to more than 3,000 clients, on Monday said that UNC2546, a “criminal” attacker, had exploited multiple vulnerabilities in Accellion software to install malware. The group appeared to infiltrate an Accellion tool to gather information from Accellion clients, then contact victims, threatening to publish their stolen data. Mandiant, the incident response arm of the security vendor FireEye, made the determination that UNC3546 was behind the incident. The breach at Accellion, uncovered on Dec. 23, involved an attacker leveraging a zero-day vulnerability to break into the Palo Alto-based cloud company’s secure file transfer application, or FTA. “The motivation of UNC2546 was not immediately apparent, but starting in late January 2021, […]

The post FireEye IDs hacking group suspected in Accellion, Kroger breach appeared first on CyberScoop.

Continue reading FireEye IDs hacking group suspected in Accellion, Kroger breach→

Analysts need advanced automation tools to reduce fear of missing incidents

Posted on February 17, 2021 by Help Net Security

Security analysts are becoming less productive due to widespread “alert fatigue” resulting in ignored alerts, increased stress, and fear of missing incidents, according to an IDC survey of 350 internal and MSSP security analysts and managers. To improv… Continue reading Analysts need advanced automation tools to reduce fear of missing incidents→

Bryan Palma named Executive Vice President of FireEye Products

Posted on February 7, 2021 by Industry News

FireEye announced that Bryan Palma has joined the company as Executive Vice President of FireEye Products. In this role, Palma will lead the FireEye product team to further develop the company’s industry-leading product portfolio and optimize SaaS secu… Continue reading Bryan Palma named Executive Vice President of FireEye Products→

To combat cyber warfare the security industry needs to work together

Posted on February 1, 2021 by Help Net Security

Just when we thought 2020 couldn’t get worse, security firm FireEye broke the news that the compromise of a software solution by IT solutions provider SolarWinds had resulted in security breaches across the public and private sector, at dozens of compa… Continue reading To combat cyber warfare the security industry needs to work together→

Emotet, NetWalker and TrickBot have taken big blows, but will it be enough?

Posted on January 29, 2021 by Tim Starks

A trio of operations meant to disrupt ransomware outfits in recent months — two of which came to light this week — could have lasting impacts even if they stop short of ending the threat, security experts say. Researchers are still sizing up the effects of recent busts of the Emotet and NetWalker gangs, but those operations have the potential to be more potent than last fall’s maneuvers against the TrickBot ransomware. In research out Friday, Menlo Security — echoing similar conclusions from other cyber firms — said it saw signs of TrickBot recovering, but the rebound has amounted to just a “trickle.” U.S. Cyber Command and Microsoft had led separate efforts to disrupt the hacking infrastructure of TrickBot, a massive army of zombified computers. The fear was that the botnet could be used to carry out ransomware attacks afflicting the November elections. This week’s two operations might be more promising […]

The post Emotet, NetWalker and TrickBot have taken big blows, but will it be enough? appeared first on CyberScoop.

Continue reading Emotet, NetWalker and TrickBot have taken big blows, but will it be enough?→

For Microsoft, cybersecurity has become bigger than business

Posted on January 27, 2021 by Tim Starks

Since the cybersecurity firm FireEye hired Microsoft to help investigate a hack at the federal contractor SolarWinds, Microsoft has helped clean up the mess, alerted victims and distributed other details meant to fend off alleged Russian spies. Microsoft did all of that as it wrestled with its own probe of how hackers infiltrated its systems. Yet the company’s role in the SolarWinds investigation, while significant, represents a fraction of the cybersecurity-focused work Microsoft has done in recent years, including some behind the scenes and some in globe-spanning public relations campaigns. Once viewed as a traditional tech behemoth, Microsoft has evolved into a firm that fights cybersecurity battles in court, in election administration, in the international sphere, in the marketplace and elsewhere. The entirety of that perspective gives Microsoft a unique — if imperfect — place in the cybersecurity universe. The size of the company, and its level of visibility into […]

The post For Microsoft, cybersecurity has become bigger than business appeared first on CyberScoop.

Continue reading For Microsoft, cybersecurity has become bigger than business→

Twenty-three SUNBURST Targets Identified

Posted on January 25, 2021 by Erik Hjelmvik

Remember when Igor Kuznetsov and Costin Raiu announced that two of the victims in FireEye’s SUNBURST IOC list were ***net.***.com and central.***.gov on Kaspersky’s Securelist blog in December? Reuters later reported that these victims were Cox Communi… Continue reading Twenty-three SUNBURST Targets Identified→

Malwarebytes says it was also breached by SolarWinds hackers

Posted on January 20, 2021 by Waqas

By Waqas
According to Malwarebytes, SolarWinds hackers accessed its internal email communication. Here’s what we know so far.
This is a post from HackRead.com Read the original post: Malwarebytes says it was also breached by SolarWinds hackers
Continue reading Malwarebytes says it was also breached by SolarWinds hackers→

Malwarebytes was breached by the SolarWinds attackers

Posted on January 20, 2021 by Zeljka Zorz

A fourth malware strain wielded by the SolarWinds attackers has been detailed by Symantec researchers, followed by the disclosure of the attackers’ ingenous lateral movement techniques and the release of an auditing script by FireEye researchers … Continue reading Malwarebytes was breached by the SolarWinds attackers→